Re: [Fedora] Re: Logging denied packets (iptables)

Ashley M. Kirchner wrote:
> Mike Wohlgemuth wrote:
>> Here's what I do:
>>
>> -N LOGDROP
>> -A LOGDROP -j LOG --log-prefix "$IPTABLES drop:"
>> -A LOGDROP -j DROP
>>
>> Then you can add lines for the things you want logged like this:
>>
>> -A INPUT -s www.xxx.yyy.zzz/aa -j LOGDROP
>    Now that works great (I removed the $ from it.)  The only, small,
> issue is that I'd like some kind of identifier when it logs, instead
> of just saying 'IPTABLES drop:'.  Is there a way of saying something
> like, 'all these IP ranges belong to .ru domains' and then when it
> logs the packet, to have the prefix say 'IPTABLES drop .ru: '  And
> do the same for other ranges that are defined (at the moment they
> have .ru, .hk, .cn, etc., etc. blocked.)
>
>    Or do I have to create individual chains for each one, and change
> the prefix on each?
>

It is usually easier to allow from a few and DROP everyone else.  You
should not be, say, excluding country domains for any reason.
The more complex you make the rules, the more chance for errors.
Besides, the IP addresses are not always static.  As new IP service
providers are added you will have to update your table like crazy....

Just my opinion.

-James
-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
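
The per-group prefix asked about in the thread can be had with one LOGDROP-style chain per group. The following is an added example, not code from any poster: the function name gen_logdrop_rules, the "<tag> <cidr>" input format, the LOGDROP_<tag> chain naming and the sample ranges are all assumptions. It generates the rule lines so that the list of ranges stays in one place, which also makes the maintenance burden James describes visible.

```shell
#!/bin/sh
# Added example, not from the thread. Emits iptables-restore style lines that
# give each group of source ranges its own chain and LOG prefix.
# Input on stdin: "<tag> <cidr>" per line.

MAX_PREFIX=29   # --log-prefix accepts at most 29 characters

gen_logdrop_rules() {
    awk -v max="$MAX_PREFIX" '
        function fail(msg) { print msg | "cat 1>&2"; bad = 1; exit 1 }
        /^[ \t]*(#|$)/ { next }                    # skip comments and blank lines
        {
            tag = $1; cidr = $2
            if (tag !~ /^[A-Za-z0-9_]+$/ || cidr == "")
                fail("line " NR ": expected <tag> <cidr>")
            prefix = "IPTABLES drop ." tag ": "
            if (length(prefix) > max)
                fail("line " NR ": prefix for " tag " exceeds " max " characters")
            if (!(tag in seen)) {                  # first range of a group: define its chain
                seen[tag] = 1
                chains = chains "-N LOGDROP_" tag "\n"
                chains = chains "-A LOGDROP_" tag " -j LOG --log-prefix \"" prefix "\"\n"
                chains = chains "-A LOGDROP_" tag " -j DROP\n"
            }
            jumps = jumps "-A INPUT -s " cidr " -j LOGDROP_" tag "\n"
        }
        END { if (bad) exit 1; printf "%s%s", chains, jumps }
    '
}

# Constructed sample: tags from the thread, ranges are RFC 5737 documentation
# blocks standing in for real allocations.
gen_logdrop_rules <<'EOF'
ru 192.0.2.0/24
ru 198.51.100.0/24
hk 203.0.113.0/24
EOF
```

The output is meant to be pasted into the filter-table section of the iptables-restore file; nothing is printed if any input line is rejected.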